GDPR for Payroll Professionals – 6 Steps to Prepare for the Legislation
The General Data Protection Regulation (GDPR) comes into force throughout Europe on May 25th 2018. GDPR changes Data Privacy rules and how personal data is handled and processed. GDPR will have a substantial impact on Payroll, HR and Finance teams. Each department should begin preparation for this regulation now in order be compliant by May 2018.
We have listed the top priorities for Payroll Professionals to help you prepare for the legislation:
1. Review HR and payroll data processes
Carry out a complete data audit of all personal data belonging to employee’s past and present;
Where is it stored? Who within the organisation has access to it? What data is being stored?
2. Minimise the data you hold
Document all the data you store and the reason for storing it.
Are you holding data belonging to past employees? Are you storing data you no longer need?
3. Document the data flow
Clear and detailed documentation of your data flow and process is essential for compliance with the legislation.
What personal data do you hold? Do you have permission to hold the data? Who within your department should have access to it?
4. Sharing Data
If you are sharing data with 3rd parties such as global payroll providers or payroll vendors, the contractual bases under which you do so will need to be reviewed and changed to comply with the GDPR. You will need to review their GDPR position to ensure it is in line with yours.
Under the new legislation a data breach must be reported with 72 hours. Payroll departments need to put in place a process to recognise and report a breach within the timeframe.
6.Protecting the data, you store
Provide actions for the responsible parties to enact the data protection policy, i.e. delete / anonymise / pseudonymise the sensitive data.
Failing to comply with GDPR has significant consequences in the form of large fines. Fines reaching as high as 4% of global turnover or €20million whichever is larger.
As a Payslip customer, we can help you catalogue your employee’s personal data, simplify how you manage and monitor the personal data of your global workforce and give you tools and resources you need to help meet the General Data Protection Regulations (GDPR).
To see our GDPR tool in action sign up for a demo today!